<?php
	class UserDAO{
		public static function login($un, $pw){
			//check contre sql injection
			if (preg_match('/.*;.*/', $un)==0){
				$res = CommonAction::lireBD(array("PASS"), "PHP_USERS WHERE USERNAME = '".$un."'");
				$pass = $res[0]["PASS"];
				if (strcmp(md5($pw),$pass)==0){
				
					return true;
				}
				else{
					return false;
				}
			}
			else{
				return false;
			}
		}
	}